OmailCVEs & Vulnerabilities
2 CVEs affecting Omail products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
2 CVEs→ All vendors
Most Affected Products
omail webmail 5
CVE-2004-1993CRITICAL
The patch to the checklogin function in omail.pl for omail webmail 0.98.5 is incomplete, which allows remote attackers to execute arbitrary commands via shell metacharacters such as "`" (backticks) in the password.
4 May 2004
10.0
CVSS
CVE-2003-1202CRITICAL
The checklogin function in omail.pl for omail webmail 0.98.4 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) password, (2) domainname, or (3) username.
19 Aug 2003
10.0
CVSS
← PrevPage 1 / 1Next →